google-sheets
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION]: The skill performs network requests to
sheets.googleapis.comusingcurl. As this is a well-known service and the operations are necessary for the skill's stated spreadsheet management functions, this activity is considered safe. - [CREDENTIALS_UNSAFE]: The skill correctly utilizes the
GOOGLE_SHEETS_TOKENenvironment variable for authentication. This secret is declared in thevm0_secretsmetadata field, adhering to the platform's standard security practices for credential handling. - [COMMAND_EXECUTION]: Local execution of
curlandjqis used to send API requests and process JSON responses. These are standard tools for programmatic web interaction and do not involve suspicious or obfuscated parameters. - [PROMPT_INJECTION]: The skill reads data from external spreadsheets, which constitutes an ingestion point for untrusted content and thus a surface for indirect prompt injection.
- Ingestion points: Spreadsheet cell data is fetched through
curlcommands inSKILL.md. - Boundary markers: None are explicitly used in the command templates.
- Capability inventory: Network access to Google APIs and local command execution via
curlandjq. - Sanitization: No content validation or sanitization is implemented within the provided templates; the skill assumes the integrity of the data returned by the API.
Audit Metadata